Think of the U.S. power grid and one might conjure up images of utility poles, pipelines, and generators. Computer systems? Maybe not so much.
The reality, however, is that the modern American power grid relies extensively on computers to help with everything from regulating power flow to detecting nuclear power plant overheating. And any time computers enter the equation, so does the risk of malicious hacking.
That’s precisely what energy industry executives conveyed to Congress in a recent Senate Energy and Natural Resources Committee hearing. The hearing focused largely on security clearance issues, a common theme being that efforts to improve coordination between industry and government have been hampered by DOE’s failure to timely investigate and adjudicate background investigations. One former House Intelligence Committee Chairman, now CEO of the American Gas Association, noted that he has been waiting for over a year for approval of a DOE Top Secret (Q) clearance – despite already possessing one from DoD.
Lawmakers from both parties have raised concerns over the topic, saying the country is ill-equipped to respond to a major cyberattack on the energy grid. Nonetheless, DOE has apparently done little to resolve backlogs in the security clearance process and has attributed the problems to government-wide bottlenecks despite their agency’s fairly large in-house cadre of personnel security officials.
That didn’t sit well with lawmakers, many of whom expressed concern about glaring vulnerabilities in American energy infrastructure.
“I’m convinced that the next major event in America is going to be a cyber event,” Sen. Jim Risch (R-Idaho) said at the hearing.
Sen. Bill Cassidy (R-La.) was more specific with his concern over the country’s ability to respond to an electromagnetic pulse, like the kind that would occur following a nuclear blast or an attack with a weapon specifically designed to create that effect.
One particular lingering question that was not resolved at the hearing was whether or not DOE has followed-through with a December 2016 Obama Administration mandate to “convene a discussion” and ensure that pending industry security clearance requests were adjudicated within 120 days. Yet in light of the lingering complaints, one can venture a fairly confident guess that whatever “discussion” occurred failed to result in action. That’s not an encouraging sign.
This article is intended as general information only and should not be construed as legal advice. Consult an attorney regarding your specific situation.
